One of the first arguments I hear every time I start talking about NSX usually goes something like, “You are talking about handling networking within an x86 platform. There is no way that is going to scale the way ASIC can.” I heard this very same argument just yesterday afternoon. And at least twice last week. It is a very common misconception from someone who doesn’t understand the architecture behind NSX. Let me first say that I agree unequivocally that if you were to replace your ASIC sitting at an aggregation point on your network (top-of-rack, end-of-row agg, etc) with an x86 solution, it will tank. No argument from me there. ASIC is necessary for that function. The difference here is that the VMware DVSwitch (and in conjunction the NSX distributed logical router and firewall) is not sitting at an aggregation point, but a distribution point. This is key. If you think about it, we have been using the vSwitch since 2003. The VMware DVS or 1kv is probably pushing...

There has been some recent “Brew Ha-Ha” in the media over the Imperative vs Declarative SDN models. I think most of this is coming to the surface now because of the recent presentations and announcements at InterOp. Even I became caught up in the arguing. Specifically after a recent “Networkworld.com” article referring to Cisco’s OpFlex (and the declarative model that it operates in) as the “OpenFlow SDN killer.” Actually, before I go on, can someone please come up with a better naming convention for these protocols? OpFlex sounds like some early-90’s infomercial exercise equipment, and OpenFlow sounds like some sort of personal hygiene product. Frankly that article just really ticked me off. It appeared to me that Cisco was in essence giving the “middle-finger” to the Open Networking Foundation (ONF) and the work Cisco has been doing with OpenDaylight. The problem here seems to be the mixed-messaging coming from Cisco. Jim Duffy with NetworkWorld.com brilliantly highlights this here. On the one hand Cisco does not endorse the imperative SDN...

A few years from now I expect that you will not hear the term “Software Defined Networking” that much. To us it will just be “networking.” Similar to how the term “Big Data” will probably just be “Data” at some point. That’s how evolution in the IT industry works, the buzz word or concept of today can become the industry standard of tomorrow. In the history of computer science, it is also apparent that software always wins. What is defined in hardware in the beginning will eventually give way to an industry standard interface that software will then be responsible for managing. This is not a new or surprising concept in most IT silos. However networking is certainly the last remaining “ivory tower” to evolve in this manner. That is changing. Lets step back and take a look at compute for a moment. I recently had the opportunity to meet with HP’s Deepak Munjal. He is the leading technical SME for HP’s SDN initiative. He made a very interesting...

Today I’d like to walk through the process of configuring dynamic routing between an NSX distributed logical router and an NSX edge. We will be using OSPF to advertise routes owned by the distributed logical router (DLR) to the edge device. In a previous post I discussed the advantages of leveraging the DLR to optimize East/West traffic. We will now be attaching an NSX edge device to provide North/South connectivity into the environment. In this design, all of your East/West traffic is handled by the DLR, and only ingress/egress traffic will be traversing the edge virtual appliance. It should become quite clear by this example exactly how well NSX can scale, and how it can be customized to support literally any network design. First lets start with a logical diagram of what this will look like when complete: (Credit: VMware) As you can see, we have a typical three-tier app design (web, app, and DB) attached to logical switches (VXLAN virtual wires) that then connect to the DLR. We...

VMware has done an excellent job in publicizing the features of its new NSX network virutalization platform. At least to vGeeks like myself. I am finding however that in the scope of various IT professionals that I interact with on a day-to-day basis, the level of familiarity is still quite limited. I suppose that is to be expected since it was only just announced at VMWorld last year, and unless you were included in the beta process, that would have been your first view of the product. SDN in general, and NSX specifically, completely changes the paradigm of how we think of (and interact with) network services. So this is really a lot to chew on. It’s not something you are going to read a white paper on, deploy, and call it a day. It will fundamentally change many of your business processes. And this is not necessarily a bad thing. What I would like to do is publish a few blog posts on specific features of the NSX...

When the “Software Defined Networking” buzzword first emerged from the halls of UC Berkeley back in 2008, the definition was simply the separation or abstraction of the data plane from the control plane for all network elements. Meaning that my data plane (read: switches, routers, firewalls, load balancers, etc) are all API driven/controlled from a centralized control layer (the control plane). The control plane is in turn driven by the management interface (the management plane). As is typical of the general IT market, this fairly simple to understand concept has become obscured almost to the point where it can mean different things to different people. I want to try to shed some light on how I see the SDN landscape evolving. Please understand that this is my take on this subject, and your mileage may vary. This is a dynamically evolving space, and as vendors work to come up with ways to sell you things that fit within the SDN arena, it seems like each approach is slightly different...